북한 김수키(Kimsuky)에서 만든 악성코드-1.txt(2024.12.14)
Tags
attack-pattern: | Data Powershell - T1059.001 Windows Service - T1543.003 Powershell - T1086 |
Common Information
Type | Value |
---|---|
UUID | ab8d2b33-4c4c-4c05-88ed-e63092024dab |
Fingerprint | ee34ab6bb7ef65f2 |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | Dec. 24, 2024, midnight |
Added to db | Dec. 23, 2024, 4:10 p.m. |
Last updated | Dec. 23, 2024, 5:08 p.m. |
Headline | 꿈을꾸는 파랑새 |
Title | 북한 김수키(Kimsuky)에서 만든 악성코드-1.txt(2024.12.14) |
Detected Hints/Tags/Attributes | 17/1/16 |
Source URLs
Redirection | Url | |
---|---|---|
Details | Source | https://wezard4u.tistory.com/429363 |
URL Provider
RSS Feed
Details | Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|---|
Details | 478 | ✔ | 꿈을꾸는 파랑새 | https://wezard4u.tistory.com/feed | 2024-08-30 22:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | CVE | 9 | cve-2024-44175 |
|
Details | CVE | 9 | cve-2024-55884 |
|
Details | File | 2 | 악성코드-1.txt |
|
Details | File | 97 | 1.txt |
|
Details | File | 6 | system_first.ps1 |
|
Details | File | 1 | msupdate.ps1 |
|
Details | File | 1 | ttiimmeee-first-system.txt |
|
Details | File | 4 | 악성코드-confirmation.chm |
|
Details | File | 9 | _4.bat |
|
Details | md5 | 1 | aa793be3a980534b116c6744b77029e5 |
|
Details | sha1 | 1 | 71de1f8e9d109354d571df180563cb6ed1786792 |
|
Details | sha256 | 1 | 3e1353241852bc3ece184d55f1a2a194bdbe0a4ee6908d7a7827673b7fa38929 |
|
Details | Microsoft Patch Numbers | 17 | KB5048652 |
|
Details | Microsoft Patch Numbers | 18 | KB5048667 |
|
Details | Microsoft Patch Numbers | 17 | KB5048685 |
|
Details | Url | 1 | https://dl.dropboxuse |